Featured Slideshow

In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison and was ordered to pay a little more than $890,000 in restitution and fines, according to reports.

Upcoming Live Events

Be sure to stay tuned for breaking news on our 2015 conference and expo, which promises to deliver even more innovative programming and an enhanced showcase of the latest cyber security solutions you must see.

Scammers looking to capitalize on massive Target breach

In the wake of the massive Target attack that allowed hackers to claim 40 million credit and debit cards and CVV codes in a few weeks, officials with the retail giant have now confirmed that related phishing communications have begun making the rounds.

It is very common for phishers to concoct schemes to scam people impacted in data breaches, particularly because they can capitalize by taking advantage of nerves and paranoia in the midst of a potentially confusing and scary situation.

“We are aware of limited incidents of phishing or scam communications,” according to a post on the Target website. “To help our guests feel confident that what they are hearing from Target is really from us, we are in the process of setting up a dedicated resource on our corporate website where we will post PDFs of all official communications that Target sends to our guests.”

Meanwhile, Target is denying all claims that encrypted personal identification numbers (PINs) were compromised in the attack, despite a Christmas Day Reuters report in which an anonymous “senior payments executive familiar with the situation” indicated otherwise.

“We continue to have no reason to believe that PIN data, whether encrypted or unencrypted, was compromised,” Molly Snyder, a Target spokeswoman, told Reuters by email. “And we have not been made aware of any such issue in communications with financial institutions to date. We are very early in an ongoing forensic and criminal investigation.”

UPDATE: According to a Friday statement posted on the Target website, further investigations revealed that encrypted PIN data was obtained during the attack. “Target does not have access to nor does it store the encryption key within our system,” according to the release. “The PIN information is encrypted within Target's systems and can only be decrypted when it is received by our external, independent payment processor.”

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.